audit/ — Someli platform audit tree¶
The audit-style reference documentation for the Someli social-media-management platform. Per-repo subtrees describe nine separately-versioned git repositories under the Someli-ai GitHub organisation that together build out three user-facing products.
Parent tree: this is one of three subtrees under
someli-doc/. The siblings arecode-inspect/(concrete bug findings) andonboard/(developer onboarding). Start with the parent README if you don't know which tree you need.
If you're reading this for the first time, start with PLATFORM-OVERVIEW.md — it explains what each repo is for, which are canonical, and which are derived snapshots.
If you're auditing the platform for a TDD / due-diligence report, the structure here is intentionally aligned with _meta/AUDIT_GUIDE.md (the audit playbook authored alongside the original someli-api component audit).
Repository map¶
The nine repos are organised under three products + three supporting / aggregated repos:
| Subtree | Repo (GitHub Someli-ai/…) |
Role | Audit subtree |
|---|---|---|---|
| Main app | someli-api |
Express + MySQL backend (the platform's largest service) | someli-api/ |
someli-platform |
Nuxt 2 / Vue 2 SPA frontend | someli-platform/ |
|
| Design editor (internal) | designer-api |
Express + MySQL backend for the in-house designer tool | designer-api/ |
Someli-Designer |
Nuxt 2 / Vue 2 + Polotno frontend (internal staff designer UI) | Someli-Designer/ |
|
| Admin console | Someli-admin-api |
Express + MySQL backend for admin endpoints | Someli-admin-api/ |
admin_console_R |
Vite + React + TS + shadcn/ui admin frontend | admin_console_R/ |
|
| Supporting | someli-dashboard-be |
Tiny standalone Express service that mirrors someli-api/dashboard/ |
someli-dashboard-be/ |
someli-mono-repo |
Aggregated snapshot of someli-api + someli-platform (read-only) |
someli-mono-repo/ |
|
someli-project |
Aggregated snapshot of all 6 product repos (read-only) | someli-project/ |
The "supporting" row is not an independent product. See PLATFORM-OVERVIEW.md § 3 for the canonical-vs-snapshot distinction.
Cross-cutting docs¶
These live at the root of someli-doc/ because they span multiple repos:
- PLATFORM-OVERVIEW.md — the three products, the nine repos, how they relate
- CODE-OVERLAP-MATRIX.md — shared code between repos, what was copy-pasted, what's diverged
- _meta/AUDIT_GUIDE.md — the playbook used to author the per-repo audits (originally
WEB_CLIENT_AUDIT_GUIDE.md) - _meta/canonical-vs-cloned.md — comparison between the two working copies of
someli-apiandsomeli-platform(one insomeli-gh/, one in the parentsomeli/directory)
Per-repo subtrees¶
Each subtree under this folder contains the audit + reference docs for that repo. The exact files vary slightly by component type (frontend vs backend), but the shape is consistent:
<repo>/
├── README.md # component-level index, summary table
├── architecture-overview.md # framework, structure, entry point
├── routing-and-state.md # FE only — routes + state mgmt
├── api-consumption.md # FE only — how it talks to backend
├── authentication-client.md # FE only — token storage, sessions
├── ui-component-library.md # FE only — design system
├── API-inventory.md # BE only — endpoint inventory
├── jobs-inventory.md # BE only — background jobs (if any)
├── data-model.md # BE only — DB schema (if known)
├── authentication.md # BE only — auth strategy
├── content-pipeline.md # BE only — content/AI flow (if relevant)
├── rag-pipeline.md # BE only — RAG (if relevant)
├── agents-and-ai.md # BE only — AI agents (if relevant)
├── dashboard-analytics.md # BE only — dashboard (if relevant)
├── media-processing.md # BE only — image/video (if relevant)
├── notifications.md # BE only — Slack/email (if relevant)
├── realtime-events.md # BE only — Socket.IO (if relevant)
├── user-specific-ai.md # BE only — per-user AI (if relevant)
├── dependencies-inventory.md # all npm packages with version
├── configuration.md # env vars, runtime config
├── security.md # threats, CSP, secrets handling
├── observability.md / logging-observability.md # logging, error tracking
├── performance.md # FE only — bundle, Core Web Vitals
├── accessibility.md # FE only — WCAG posture
├── testing.md # tests (or absence)
├── i18n.md # FE only — internationalization
├── seo-and-metadata.md # FE only — SEO
├── Integration-inventory.md # external services (AWS, Polotno, etc.)
├── deployment.md / build-and-deploy.md # Docker, CI/CD, prod env
├── error-handling.md # error policy
├── engineering-charter.md # team norms (if shared)
├── engineering-practices.md # ways of working
├── maturity-model.md # CMMI rating
├── enterprise-readiness.md # TDD-style summary + roadmap
├── verification-report.md # claim-vs-reality audit
├── verify-markers.md # open [VERIFY] questions
├── tdd-report.md # TDD master (for the lead repos)
├── definition-of-done.md # DoD policy (if maintained)
├── pr-template-reference.md # PR template reference
├── getting-started.md # local-dev quickstart
├── first-deployment.md # first-deploy walkthrough
├── visuals-tracking.md # planned diagrams
├── doc-tree-structure.md # explains the file layout (this section)
└── code-overlap-notes.md # this repo's overlap with siblings (new)
Backends rooted in someli-api's legacy pattern (someli-api, designer-api, Someli-admin-api, someli-dashboard-be) keep the file-naming convention used in the earlier someli-api audit. None of these documentation files are committed in any cloned repo — they live only here in the audit tree.
Frontends use the WEB_CLIENT_AUDIT_GUIDE.md file-naming convention from the earlier web-client audit. Same caveat: documentation files only ever lived in the audit tree, not in any cloned repo.
Where a category does not apply to a repo, the file is omitted rather than padded with "N/A".
How this tree was built¶
This documentation tree is derived from two earlier audit efforts (both authored outside the source repos — they have never been committed to any of the cloned repositories):
- An earlier audit of the main backend,
someli-api(≈40 files) - An earlier audit of the main frontend,
someli-platform(≈22 files + 18 web-client sub-files)
Those audit files were brought into audit/someli-api/ and audit/someli-platform/ under this tree and then extended:
- Per-repo audits were authored for the seven repos that had no prior documentation (designer-api, Someli-Designer, admin_console_R, Someli-admin-api, someli-dashboard-be, someli-mono-repo, someli-project)
- Cross-cutting docs (
PLATFORM-OVERVIEW,CODE-OVERLAP-MATRIX) were authored fresh to tie the components together
The methodology is documented in _meta/AUDIT_GUIDE.md. When in doubt about how a specific topic should be structured, refer back to that guide.
Audit version¶
| Tree version | 0.1 |
| Last verified | 2026-05-17 |
| Source repos | snapshot at the commits in /home/nino/src/someli/someli-gh/* at audit time |
| Author | initial draft via Claude Code |
Re-verify against the canonical repos every 6 months or after a major refactor.